Overview

overview

10

Static

static

3

21124c24b1...cs.exe

windows7-x64

10

21124c24b1...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    21124c24b11649f51dceadb0fe29f410_NeikiAnalytics

  • Size

    46KB

  • Sample

    240509-newkzaeg5s

  • MD5

    21124c24b11649f51dceadb0fe29f410

  • SHA1

    6b579694e1521e2ce59869241308f571b5784258

  • SHA256

    ac63ad9088052facbb948fe1dcf297b30c6da1ff36f9f18a2bdad1688d736f94

  • SHA512

    8a45d89994bfba70e019a6a32ca983e30e5a459aac45ce4a7c6c861894d607b83bdf105652af65446c7e977ad0ec2f59e2cf8daf1f8a626832e578e5bd6499f6

  • SSDEEP

    768:jIUMkihRUPgMcOhK2aMdsllbHX1ODn+TuTW+p:jli/wgMcOQxcolbX1ODn2w

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      21124c24b11649f51dceadb0fe29f410_NeikiAnalytics

    • Size

      46KB

    • MD5

      21124c24b11649f51dceadb0fe29f410

    • SHA1

      6b579694e1521e2ce59869241308f571b5784258

    • SHA256

      ac63ad9088052facbb948fe1dcf297b30c6da1ff36f9f18a2bdad1688d736f94

    • SHA512

      8a45d89994bfba70e019a6a32ca983e30e5a459aac45ce4a7c6c861894d607b83bdf105652af65446c7e977ad0ec2f59e2cf8daf1f8a626832e578e5bd6499f6

    • SSDEEP

      768:jIUMkihRUPgMcOhK2aMdsllbHX1ODn+TuTW+p:jli/wgMcOQxcolbX1ODn2w

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks